Rename functions, clarify examples (#3)
parent
b3047cee4d
commit
388fa872e7
3 changed files with 23 additions and 24 deletions
27
README.md
27
README.md
|
|
@ -114,21 +114,20 @@ const privkey = `-----BEGIN PGP PRIVATE KEY BLOCK-----
|
|||
|
||||
const passphrase = `the passphrase of the private key` // what the privKey is encrypted with
|
||||
|
||||
privateKeyRing, err := crypto.ReadArmoredKeyRing(strings.NewReader(privkey))
|
||||
publicKeyRing, err := crypto.ReadArmoredKeyRing(strings.NewReader(pubkey))
|
||||
|
||||
// encrypt message using public key and can be optionally signed using private key and passphrase
|
||||
armor, err := pgp.EncryptMessage("plain text", publicKeyRing, privateKeyRing, passphrase, false)
|
||||
// OR
|
||||
privateKeyRing, err := crypto.ReadArmoredKeyRing(strings.NewReader(privkey))
|
||||
privateKeyRing.Unlock([]byte(passphrase)) // if private key is locked with passphrase
|
||||
armor, err := publicKeyRing.EncryptString("plain text", privateKeyRing)
|
||||
|
||||
// decrypt armored encrypted message using the private key and the passphrase of the private key
|
||||
plainText, err := pgp.DecryptMessage(armor, privateKeyRing, passphrase)
|
||||
// OR
|
||||
signedText, err := privateKeyRing.DecryptString(armor)
|
||||
// encrypt message using public key, can be optionally signed using private key
|
||||
armor, err := publicKeyRing.EncryptMessage("plain text", privateKeyRing)
|
||||
|
||||
// decrypt armored encrypted message using the private key
|
||||
signedText, err := privateKeyRing.DecryptMessage(armor)
|
||||
plainText = signedText.String
|
||||
|
||||
// verify signature (optional)
|
||||
signed = signedText.Signed.IsBy(publicKeyRing)
|
||||
```
|
||||
|
||||
### Generate key
|
||||
|
|
@ -139,7 +138,7 @@ The library supports RSA with different key lengths or Curve25519 keys.
|
|||
```go
|
||||
var pgp = crypto.GopenPGP{}
|
||||
|
||||
var (
|
||||
const (
|
||||
localPart = "name.surname"
|
||||
domain = "example.com"
|
||||
passphrase = "LongSecret"
|
||||
|
|
@ -166,7 +165,7 @@ const privkey = `-----BEGIN PGP PRIVATE KEY BLOCK-----
|
|||
passphrase = "LongSecret"
|
||||
const trimNewlines = false
|
||||
|
||||
signingKeyRing, err := ReadArmoredKeyRing(strings.NewReader(privkey))
|
||||
signingKeyRing, err := crypto.ReadArmoredKeyRing(strings.NewReader(privkey))
|
||||
|
||||
signature, err := signingKeyRing.SignTextDetached(plaintext, passphrase, trimNewlines)
|
||||
// passphrase is optional if the key is already unlocked
|
||||
|
|
@ -188,7 +187,7 @@ const signature = `-----BEGIN PGP SIGNATURE-----
|
|||
const verifyTime = 0
|
||||
const trimNewlines = false
|
||||
|
||||
signingKeyRing, err := ReadArmoredKeyRing(strings.NewReader(pubkey))
|
||||
signingKeyRing, err := crypto.ReadArmoredKeyRing(strings.NewReader(pubkey))
|
||||
|
||||
verified, err := signingKeyRing.VerifyTextDetachedSig(signature, signedPlainText, verifyTime, trimNewlines)
|
||||
```
|
||||
|
|
@ -204,7 +203,7 @@ const privkey = `-----BEGIN PGP PRIVATE KEY BLOCK-----
|
|||
-----END PGP PRIVATE KEY BLOCK-----` // encrypted private key
|
||||
passphrase = "LongSecret"
|
||||
|
||||
signingKeyRing, err := ReadArmoredKeyRing(strings.NewReader(privkey))
|
||||
signingKeyRing, err := crypto.ReadArmoredKeyRing(strings.NewReader(privkey))
|
||||
|
||||
signature, err := signingKeyRing.SignBinDetached(data, passphrase)
|
||||
// passphrase is optional if the key is already unlocked
|
||||
|
|
@ -225,7 +224,7 @@ const signature = `-----BEGIN PGP SIGNATURE-----
|
|||
|
||||
const verifyTime = 0
|
||||
|
||||
signingKeyRing, err := ReadArmoredKeyRing(strings.NewReader(pubkey))
|
||||
signingKeyRing, err := crypto.ReadArmoredKeyRing(strings.NewReader(pubkey))
|
||||
|
||||
verified, err := signingKeyRing.VerifyBinDetachedSig(signature, data, verifyTime)
|
||||
```
|
||||
|
|
|
|||
|
|
@ -228,9 +228,9 @@ func (kr *KeyRing) EncryptArmored(w io.Writer, sign *KeyRing) (wc io.WriteCloser
|
|||
return
|
||||
}
|
||||
|
||||
// EncryptString encrypts and armors a string to the keyring's owner.
|
||||
// EncryptMessage encrypts and armors a string to the keyring's owner.
|
||||
// Wrapper of Encrypt.
|
||||
func (kr *KeyRing) EncryptString(s string, sign *KeyRing) (encrypted string, err error) {
|
||||
func (kr *KeyRing) EncryptMessage(s string, sign *KeyRing) (encrypted string, err error) {
|
||||
var b bytes.Buffer
|
||||
w, err := kr.EncryptArmored(&b, sign)
|
||||
if err != nil {
|
||||
|
|
@ -272,10 +272,10 @@ func (kr *KeyRing) EncryptSymmetric(textToEncrypt string, canonicalizeText bool)
|
|||
return
|
||||
}
|
||||
|
||||
// DecryptString decrypts an armored string sent to the keypair's owner.
|
||||
// DecryptMessage decrypts an armored string sent to the keypair's owner.
|
||||
// If error is errors.ErrSignatureExpired (from golang.org/x/crypto/openpgp/errors),
|
||||
// contents are still provided if library clients wish to process this message further.
|
||||
func (kr *KeyRing) DecryptString(encrypted string) (SignedString, error) {
|
||||
func (kr *KeyRing) DecryptMessage(encrypted string) (SignedString, error) {
|
||||
r, signed, err := kr.DecryptArmored(strings.NewReader(encrypted))
|
||||
if err != nil && err != pgperrors.ErrSignatureExpired {
|
||||
return SignedString{String: encrypted, Signed: nil}, err
|
||||
|
|
@ -290,15 +290,15 @@ func (kr *KeyRing) DecryptString(encrypted string) (SignedString, error) {
|
|||
return SignedString{String: s, Signed: signed}, nil
|
||||
}
|
||||
|
||||
// DecryptStringIfNeeded data if has armored PGP message format, if not return original data.
|
||||
// DecryptMessageIfNeeded data if has armored PGP message format, if not return original data.
|
||||
// If error is errors.ErrSignatureExpired (from golang.org/x/crypto/openpgp/errors),
|
||||
// contents are still provided if library clients wish to process this message further.
|
||||
func (kr *KeyRing) DecryptStringIfNeeded(data string) (decrypted string, err error) {
|
||||
func (kr *KeyRing) DecryptMessageIfNeeded(data string) (decrypted string, err error) {
|
||||
if re := regexp.MustCompile("^-----BEGIN " + constants.PGPMessageHeader + "-----(?s:.+)-----END " +
|
||||
constants.PGPMessageHeader + "-----"); re.MatchString(data) {
|
||||
|
||||
var signed SignedString
|
||||
signed, err = kr.DecryptString(data)
|
||||
signed, err = kr.DecryptMessage(data)
|
||||
decrypted = signed.String
|
||||
} else {
|
||||
decrypted = data
|
||||
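Review bot: The renamed `DecryptMessageIfNeeded` returns its input unchanged when the armor regexp does not match, and its `(decrypted string, err error)` signature cannot carry `signed.Signed`, so a caller cannot tell decrypted, signature-checked text from plaintext that was never encrypted or signed. The doc comment should state this, for example: `// DecryptMessageIfNeeded decrypts data if it is an armored PGP message and returns it unchanged otherwise; the result carries no signature status, so call DecryptMessage when authenticity matters.` Separately, the pattern is rebuilt with `regexp.MustCompile` on every call and could be compiled once at package scope. The function body continues past the end of this hunk, so anything it does after the `else` branch is not visible here.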
|
|
|
|||
|
|
@ -57,7 +57,7 @@ func init() {
|
|||
}
|
||||
|
||||
func TestKeyRing_Decrypt(t *testing.T) {
|
||||
decString, err := testPrivateKeyRing.DecryptStringIfNeeded(readTestFile("keyring_token", false))
|
||||
decString, err := testPrivateKeyRing.DecryptMessageIfNeeded(readTestFile("keyring_token", false))
|
||||
if err != nil {
|
||||
t.Fatal("Cannot decrypt token:", err)
|
||||
}
|
||||
|
|
@ -66,14 +66,14 @@ func TestKeyRing_Decrypt(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestKeyRing_Encrypt(t *testing.T) {
|
||||
encrypted, err := testPublicKeyRing.EncryptString(testToken, testPrivateKeyRing)
|
||||
encrypted, err := testPublicKeyRing.EncryptMessage(testToken, testPrivateKeyRing)
|
||||
if err != nil {
|
||||
t.Fatal("Cannot encrypt token:", err)
|
||||
}
|
||||
|
||||
// We can't just check if encrypted == testEncryptedToken
|
||||
// Decrypt instead
|
||||
ss, err := testPrivateKeyRing.DecryptString(encrypted)
|
||||
ss, err := testPrivateKeyRing.DecryptMessage(encrypted)
|
||||
if err != nil {
|
||||
t.Fatal("Cannot decrypt token:", err)
|
||||
}
|
||||
|
|
|
|||